$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: mXy2HAzb9sWPmQvZhbfjc+k2a2SN94iLWSOJQJ9Eno4= Subject key identifier: 82:49:97:BA:F4:40:66:E3:71:30:45:0B:96:D5:8F:1E:39:A5:D7:B2 Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 0974 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 096D Signing time: Fri 18 Jul 2025 20:23:19 +0000 Manifest this update: Fri 18 Jul 2025 20:23:19 +0000 Manifest next update: Fri 25 Jul 2025 20:23:19 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: 4UYZBpr23G5qnOfCqw1+sUoQlKxRW4D4Rk7nknr19j4=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: Y4bw++TnnqHhnQXoIqONS+4c30WzzpJSk4du/GajLxg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 20:23:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2420 (0x974) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: Jul 18 20:23:19 2025 GMT Not After : Jul 25 20:23:19 2025 GMT Subject: CN=687aad37-5482 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:fd:16:5a:db:60:46:d7:dd:15:13:c4:f2:1b: 0b:3e:6a:10:24:70:1c:5c:d4:28:f1:17:3f:ed:a0: 65:f4:92:a3:b5:ff:23:89:a7:80:ec:e2:95:7e:17: fa:08:c9:76:f9:04:ee:4a:85:b5:9f:8f:7d:9b:e5: 4c:7a:10:8d:71:9e:41:ed:65:e0:76:a0:fe:9a:6d: 76:d5:7a:86:60:53:f2:f5:a9:66:36:e2:c2:db:5b: e8:9d:2e:1a:5a:71:5a:0d:e7:16:d2:26:e7:87:22: fa:3f:74:74:c8:2c:83:fb:1b:35:89:bf:f6:b7:6d: 61:ca:f6:bd:fd:bd:0d:3d:5b:a0:af:a3:c8:c2:29: f3:db:3a:df:41:2a:b3:e7:6e:1d:64:5c:76:c0:77: bf:4b:be:db:f2:95:4f:b3:42:48:fc:b7:05:61:2f: 86:69:57:f6:73:62:5f:d2:d5:a5:03:8c:c2:7d:78: c6:18:d3:d3:88:15:4c:1a:5f:49:64:08:ad:3d:79: c3:4d:fa:05:d6:ef:77:15:63:dc:22:e5:13:c1:0f: ca:78:c7:94:95:b8:53:ce:ff:6d:9d:32:0a:a8:7d: ea:e7:64:24:a9:d7:ee:a7:4a:58:18:19:08:01:b4: 1b:f2:fb:51:c7:75:60:ec:67:8f:9c:b4:74:e9:3d: 01:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:49:97:BA:F4:40:66:E3:71:30:45:0B:96:D5:8F:1E:39:A5:D7:B2 X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:8a:40:0d:96:19:07:45:ac:31:28:54:5e:70:99:e7:00:f7: 33:8b:46:49:ad:af:70:50:c1:35:e0:8b:7e:bd:5c:e8:bb:e0: f8:08:03:9b:c3:28:f6:6c:86:76:23:7d:96:7c:1a:d2:e8:c4: 0b:9a:f4:30:d5:d9:d5:8e:44:f2:dd:a1:5d:79:d8:40:ea:39: 3e:43:aa:2f:fd:67:4b:b2:3c:7a:3c:30:66:de:e1:b1:3f:0f: e2:3e:a0:94:20:a7:84:ab:13:5e:7c:20:ee:a3:d9:32:64:72: 11:b0:a2:91:1b:f0:a0:20:54:71:aa:47:50:d8:ba:09:ca:9b: fe:3f:e4:29:68:67:ff:81:3e:2e:6d:5b:4a:10:af:3b:2f:f4: fc:bc:a5:c5:3c:bf:4b:14:75:4b:17:21:d8:3e:b1:e0:f1:6b: 53:ed:6f:6e:b1:93:22:37:30:7f:e9:4a:cf:94:1a:5d:e0:c9: 58:90:0a:41:6f:fe:20:f8:70:46:05:64:f1:bc:e2:a0:e6:95: 9b:58:79:f4:dd:38:72:68:81:4e:05:a6:94:ad:e6:8e:4d:be: 57:09:20:e5:4d:27:c6:b3:2b:03:32:2d:fc:06:93:18:75:01: a8:c4:e8:6e:b7:28:50:45:f7:80:fc:6e:d8:b0:10:b7:63:bc: b0:bd:44:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUwNzE4MjAyMzE5WhcNMjUwNzI1MjAyMzE5WjAYMRYwFAYD VQQDEw02ODdhYWQzNy01NDgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyP0WWttgRtfdFRPE8hsLPmoQJHAcXNQo8Rc/7aBl9JKjtf8jiaeA7OKVfhf6 CMl2+QTuSoW1n499m+VMehCNcZ5B7WXgdqD+mm121XqGYFPy9almNuLC21vonS4a WnFaDecW0ibnhyL6P3R0yCyD+xs1ib/2t21hyva9/b0NPVugr6PIwinz2zrfQSqz 524dZFx2wHe/S77b8pVPs0JI/LcFYS+GaVf2c2Jf0tWlA4zCfXjGGNPTiBVMGl9J ZAitPXnDTfoF1u93FWPcIuUTwQ/KeMeUlbhTzv9tnTIKqH3q52Qkqdfup0pYGBkI AbQb8vtRx3Vg7GePnLR06T0BjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIJJl7r0 QGbjcTBFC5bVjx45pdeyMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxikANlhkHRawxKFRecJnnAPczi0ZJra9wUME14It+vVzou+D4CAOb wyj2bIZ2I32WfBrS6MQLmvQw1dnVjkTy3aFdedhA6jk+Q6ov/WdLsjx6PDBm3uGx Pw/iPqCUIKeEqxNefCDuo9kyZHIRsKKRG/CgIFRxqkdQ2LoJypv+P+QpaGf/gT4u bVtKEK87L/T8vKXFPL9LFHVLFyHYPrHg8WtT7W9usZMiNzB/6UrPlBpd4MlYkApB b/4g+HBGBWTxvOKg5pWbWHn03ThyaIFOBaaUreaOTb5XCSDlTSfGsysDMi38BpMY dQGoxOhutyhQRfeA/G7YsBC3Y7ywvUQW -----END CERTIFICATE-----Generated at Sun Jul 20 02:37:14 2025 by rpki-client